AS/400 OverviewResources Applies To: AS/400 iSeries 6.1-7.1. Overview AS/400 operating system is object-based. Features include a RDBMS (DB2/400), a menu-driven interface, support for multiple users, block-oriented terminal support (IBM 5250), and printers. It supports security, communications, and web-based applications which can be executed inside the optional IBM WebSphere Application Server or as PHP/MySQL applications inside a native port of the Apache web server. EventTracker is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine analytics and so forth. EventTracker Knowledge Pack for AS/400 allows you to monitor the following components: - Security – Command string auditing and directory link and unlink activities. Operation – Authority change activities, object operations and interprocess communication. Compliance – User authentication failures and audit change activities. Previous Next Once AS/400 is configured to deliver events to EventTracker Manager; alerts, dashboards and reports can be configured into EventTracker. Some of the Knowledge Packs available in EventTracker are listed below. For more information, please refer Integration Guide. Security Alerts AS/400: Directory unlink: This alert is generated when any directory is unlinked or removed. Reports AS/400- Command string audit- This report provides information related to all the command strings that has been executed in the AS/400 CLI. Operations Alerts AS/400: Inteprocess communication activities: This alert is generated when any interprocess communication changes occur such as ownership change, create, delete, authority failure and shared memory removal or attach. AS/400: Object operations: This alert is generated when any objects operation has taken place such as object created, deleted, renamed, modified, ownership changed, and assigned rights. Reports AS/400- Authority change activities- This report provides information related to all the changes in authority like grant, replace and revoke. AS/400- Spooled file activities- This report provides information related to all the spooled file activities. AS/400- Interprocess communication activities- This report provides information related to all the interprocess communications. AS/400- Object operations- This report provides information related to all the object operations such as object created, deleted, renamed, modified, ownership changed, and assigned rights. Compliance Alerts AS/400: User authentication failures: This alert is generated when any user authentication failure occurs. Reports AS/400- User authentication failures- This report provides information related to all the user authentication failures. Scope The configurations detailed in this guide are consistent with EventTracker version 8.x and later, and AS/400 iSeries 6.1-7.1. Documentation For more information, please refer the AS/400 Integration guide.